The Complexity of Temporal Logic over the Reals 
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Abstract 

It is shown that the decision problem for the temporal logic with until and since 
connectives over real-numbers time is PSPACE-complete. 



1 Introduction 

There are a variety of temporal logics appropriate for a variety of reasoning tasks. Propo- 
sitional reasoning on a natural numbers model of time has been well studied via the logic 
now commonly called PLTL which was introduced in ||Pnu77|] . However, it has long been 
acknowledged that dense or specifically real-numbers time models may be better for many 
applications, ranging from philosophical, natural language and AI modelling of human 
reasoning to computing and engineering applications of concurrency, refinement, open sys- 
tems, analogue devices and metric information. See for example |[KMP94[ or ||BG85 |. 

The most natural and useful such temporal logic is propositional temporal logic over 
real-numbers time using the Until and Since connectives introduced in |[Kam68 |. We will 
call this logic RTL in this paper. We know from | |Kam68|| that this logic is sufficiently 
expressive for many applications: technically it is expressively complete and so at least 
as expressive as any other usual temporal logic which could be defined over real-numbers 
time and as expressive as the first-order monadic logic of the real numbers. We have, 
from | GH90 | and [ Rey92|] , complete axiom systems to allow derivation of the validities of 
RTL. We know from PG85|| that RTL is decidable, ie that an algorithm exists for deciding 
whether a given RTL formula is a validity or not. Unfortunately, it has seemed difficult 
to develop the reasoning procedures any further. It is not even clear from the decision 



procedure in |PG85|| (via Rabin's non-elementarily complex decision procedure for the 
second-order monadic logic of two successors) how computationally complex it might be 
to decide validities in RTL. 

This is in marked contrast to the situation with PLTL which has been shown to have 
a PSPACE-complete decision problem in ||SC85| 
for PLTL have been developed. 



A variety of practical reasoning methods 



Here we show that as far as determining vahdity is concerned, RTL is just as easy to 
reason with as PLTL. In particular, the complexity of the decision problem is PSPACE- 
complete. 

This opens the way for the development of efficient reasoning procedures for RTL and 
for many practical applications. For example, it is commonly required to determine con- 
sequence relations between finite sets of formulas, eg a detailed description of the running 
of a system and a desirable overall property. Such a question is equivalent to a validity 
question. 

Note that there has been some work on restricted versions of temporal logic over the 
reals. In [[Rab98|| and [[KMP94|| the assumption of finite variability is made, ie it is supposed 



that atoms do not change their truth values densely in time. Under such an assumption, 
standard discrete time techniques can be used to develop decision procedures. We do not 
make any such assumptions. 

The proof here uses new techniques in temporal logic. In particular we further develop 
the idea of linear time mosaics as seen in |[Reyed|| . Mosaics were used to prove decidability 



of certain theories of relation algebras in ||l\lem95| and have been used since quite generally 



in algebraic logic and modal logic. These mosaics are small pieces of a model, in our 
case, a small piece of a real-fiowed structure. We decide whether a finite set of small 
pieces is sufficient to be used to build a real-numbers model of a given formula. This is 
also equivalent to the existence of a winning strategy for one player in a two-player game 
played with mosaics. The search for a winning strategy can be arranged into a search 
through a tree of mosaics which we can proceed through in a depth-first manner. By 
establishing limits on the depth of the tree (a polynomial in terms of the length of the 
formula) and on the branching factor (exponential) we can ensure that we have a PSPACE 
algorithm as we only need to remember a small fixed amount of information about all the 
previous siblings of a given node. 

In the case of the real numbers in this paper we do not emphasize the game aspect of 
this search but instead study certain structures which correspond to tactics in the game. 
By ensuring that mosaics get simpler as we get deeper in the tree we can respect the depth 
bound and also capture the Dedekind completeness of the underlying fiow. By ensuring 
that certain thorough mutually recursive relationships (called shuffles) between mosaics 
in the trees include at least one very simple pair of mosaics, we can also capture the 
separability property of the reals. 

The proof also vaguely suggests a tableau based method for determining validity but 
developing such a method will need some more work. 

2 The logic 

Fix a countable set L of atoms. Here, frames (T, <), or flows of time, will be irreflexive 
linear orders. Structures T = {T,<,h) will have a frame (T, <) and a valuation h for 
the atoms i.e. for each atom p & C, h{p) C T. Of particular importance will be real 
structures T = (R, <,/i) which have the real numbers flow (with their usual irreflexive 



linear ordering). 

The language L{U, S) is generated by the 2-place connectives U and S along with 
classical -i and A. That is, we define the set of formulas recursively to contain the atoms 
and for formulas a and /3 we include -la, a A P, U{a, (3) and S{a, (3). 

Formulas are evaluated at points in structures T = (T,<,h). We write T,x \= a when 
a is true at the point x E T. This is defined recursively as follows. Suppose that we have 
defined the truth of formulas a and (3 at all points of T. Then for all points x: 
T,x \= p iff x G h{p), for p atomic; 

T, X 1= -la iff T, X ^ a; 

T,x \= a A P iff both T,x \= a and T, x \= (3; 
T, X 1= U{a, P) iff there is y > a; in T such that T,y \= a 

and for all 2 G T such that x < z < y we have T, z \= P; and 
T, X 1= S'(a, P) iff there is ?/ < x in T such that T,y \= a 

and for all z G T such that y < z < x we have T, z \= p. 
Often, definitions, results or proofs will have a mirror image in which U and S are 
exchanged and < and > swapped. 

A formula is M.-satisfiable if it has a real model: i.e. there is a real structure S = 
(M, <, h) and a; G M such that S, x \= (p. A formula is W-valid iff it is true at all points of 
all real structures. Of course, a formula is M-valid iff its negation is not M-satisfiable. 
Let RTL-SAT be the problem of deciding whether a given formula of L{U, S) is M- 



satisfiable or not. The main result of this paper, proved in lemma 26 and lemma |2^ below, 
is: 

THEOREM 1 RTL-SAT is PS PACE- complete. 

3 Mosaics for U and S 

We will decide the satisfiability of formulas by considering sets of small pieces of real 



structures. The idea is based on the mosaics seen in [[Nem95|] and used in many other 
subsequent proofs. 

Each mosaic is a small piece of a model, i.e. a small set of objects (points), relations 
between them and a set of formulas for each point indicating which formulas are true there 
in the whole model. There will be coherence conditions on the mosaic which are necessary 
for it to be part of a larger model. 

We want to show the equivalence of the existence of a model to the existence of a 
certain set of mosaics: enough mosaics to build a whole model. So the whole set of mosaics 
also has to obey some conditions. These are called saturation conditions. For example, a 
particular small piece of a model might require a certain other piece to exist somewhere 
else in the model. We talk of the first mosaic having a defect which is cured by the latter 
mosaic. 

Our mosaics will only be concerned with a finite set of formulas: 



DEFINITION 1 For each formula (p, define the closure o/0 to be C10 = {ip, -iip \ ip < (p} 
where x^i' means that x ^s a suhformula ofip. 

We can sometimes think of C10 as being closed under negation: we could treat ->-ia as if 
it was a. To be more rigorous, we introduce the following notation. 

DEFINITION 2 For each a G L{U,S), define r^ a to mean (3 if a = ^jS and -la 
otherwise. 

Note that if a G C10 then ~ a G C10. Note also that in many places in the proof we 
explicitly use -la when we can be sure it is in C10, for example when U{a,l3) G C1(0). 

DEFINITION 3 Suppose G L{U, S) and S C C10. Say S is propositionally consistent 
(PC) iff there is no substitution instance of a tautology of classical propositional logic of 
the form -i(ai A ... A «„) with each ai G S. Say S is maximally propositionally consistent 
(MFC) iff S is maximal in being a subset of C10 which is FC. 

We will define a mosaic to be a triple {A, B, C) of sets of formulas. The intuition is 
that this corresponds to two points from a structure: A is the set of formulas (from C10) 
true at the earlier point, C is the set true at the later point and B is the set of formulas 
which hold at all points strictly in between. 

DEFINITION 4 Suppose (p is from L{U, S). A 0-mosaic is a triple {A, B, C) of subsets 
of Cl(p such that: 
0.1 A and C are maximally propositionally consistent, and 
0.2 for all j3 G C1(0) with ^p G C1(0) we have --(3 e B ijf r^ P e B 
and the following four coherency conditions hold: 
CI. if -iU{a,f3) G A and j3 E B then we have both: 

Cl.l. -la G C and either -ij3 E C or -iU{a,j3) G C; and 
CI. 2. ^ae B and ^U{a,/3) G B. 
C2. ifU{a,f3) G A and -la G B then we have both: 

C2.1 either a E C or both j3 E C and U{a,P) G C; and 
C2.2. f3eB andU{a,f3) eB. 
C3-4 mirror images of C1-C2. 



DEFINITION 5 Ifm = {A, B, C) is a mosaic then start(m) = A is its start, cover(m) = 
B is its cover and end(m) = C is its end. 

If we start to build a model using mosaics then, as we have noted, we may realise that 
the inclusion of one mosaic necessitates the inclusion of others: defects need curing. 

DEFINITION 6 A defect m a mosaic {A, B, C) is either 



1. a formula U{a,(3) G A with either 

1.1 (3^ B, 

1.2 (a^C andp ^C), or 

1.3 (a ^C and U {a, 13) ^C); 

2. a formula S{a^ P) E C with either 

2.1 p^B, 

2.2 (a^ A and 13 ^ A), or 

2.3 (a ^ A and S{a, j3) ^ A); or 

3. a formula (3 e C10 with r^ (3 ^ B. 

We refer to defects of type 1 to 3 (as listed here). Note that the same formula may be 
both a type 1 or 2 defect and a type 3 defect in the same mosaic. In that case we count it 
as two separate defects. 

We will need to string mosaics together to build linear orders. This can only be done 
under certain conditions. Here we introduce the idea of composition of mosaics. 

DEFINITION 7 We say that (jy-mosaics {A'.B'.C) and {A",B",C") compose iff C = 
A". In that case, their composition is {A\ B' nC H B", C"). 

It is straightforward to prove that this is a mosaic and that composition of mosaics is 
associative. 

LEMMA 1 // mosaics m and m' compose then their composition is a mosaic. 

LEMMA 2 Composition of mosaics is associative. 

Thus we can talk of sequences of mosaics composing and then find their composition. 
We define the composition of a sequence of length one to be just the mosaic itself. We 
leave the composition of an empty sequence undefined. 

DEFINITION 8 A decomposition for a mosaic (A, B, C) is any finite sequence of mo- 
saics (Ai, i?i, Ci), (^2, B2, C2), ..., {An, Bn, Cn) wMch composcs to {A, B, C). 

It will be useful to introduce an idea of fullness of decompositions. This is intended to 
be a decomposition which provides witnesses to the cure of every defect in the decomposed 
mosaic. 

DEFINITION 9 The decomposition above is full iff the following three conditions all 
hold: 

1. for all U{a,j3) E A we have 

1.1. j3 e B and either ((3 e C and U{a,(3) e C) or a e C, 

1.2. or there is some i such that 1 < i < n, a E Ci, for all j < i, P E Bj 
and for all j < i, P E Cj; 

2. the mirror image of 1.; and 

3. for each P G C10 such that r^ P ^ B there is some i such that 1 < i < n 
and P E Ci. 



If 1.2 above holds in the case that U{a, /3) G A is a type 1 defect in {A, B, C) then we 
say that a cure for the defect is witnessed (in the decomposition) by the end of {Ai, Bi, Ci) 
(or equivalently by the start of (Aj+i, Sj+i, Cj+i)). Similarly for the mirror image for 
S{a,P) E C. If /3 G Cj is a type 3 defect in {A,B,C) then we also say that a cure for 
this defect is witnessed (in the decomposition) by the end of {Ai, Bi, Ci). If a cure for any 
defect is witnessed then we say that the defect is cured. 

LEMMA 3 If mi, ...,mn is a full decomposition of m then every defect in m is cured in 
the decomposition. 

4 Satisfiability and relativization 

Because mosaics represent linear orders with end points, it is inconvenient for us to continue 
to work directly with M. Because we want to make use of some simple tricks with the metric 
at several places in the proof, we will move to work in the unit interval [0, 1] instead. 

li X < y from M then let ]x,y[ denote the open interval {z G M|a; < z < y} and [x,y] 
denote the closed interval {z G M.\x < z < y}. Similarly for half open intervals. 

One can get a mosaic from any two points in a structure. 

DEFINITION 10 If T = (T, <,h) is a structure and a formula then for each x < y 
from T we define m.os^{x,y) = {A,B,C) where: 

A= {aeC\(l>\T,x\=a}, 

B = {/3 G C10I for all z E T, if x < z < y then T,z \= P}, and 

C= {7GC10|r,t/|=7}. 

It is straightforward to show that this is a mosaic. 

LEMMA 4 in.osq-{x,y) is a mosaic. 

If T and (j) are clear from context then we just write mos(x, y) for mos^(a;, y). 

DEFINITION 11 Suppose T C R. Let < also denote the restriction of < to any such 
T. We say that a (p-mosaic is T-satisfiable iff it is mos^(a;, y) for some x < y from T and 
some structure T = (T, <,h). 



DEFINITION 12 We say that a (p-mosaic is fully [0, l]-satisfiable iff it is mos^(0, 1) 
from some structure T = ([0, 1], <, /i). 

We will now relate the satisfiability of a formula to that of certain mosaics. 



DEFINITION 13 Given and an atom q which does not appear in (p, we define a map 
* = *'l^ on formulas in C1(0) recursively: 

1. *p = p Aq, 

2. *-!« = -i(*a) A q, 

3. *{aAp) = *{a)A*{P)Aq, 

4- *U{a,(3) = U{*a,*(3) A q, and 
5. *S{a,p) = S{*a,*p) Aq. 

So *g(0) will be a formula using only q and atoms from 0. 

LEMMA 5 *t{(/)) is at most 3 times as long as 0. 

LEMMA 6 Ifa<(p then *a < *0. 



DEFINITION 14 We say that a *'ll{(f))-mosatc {A,B,C) is (0, g) -relativized iff 

1. -iq is in A and no S{a,f3) is in A; 

2. q e B and -i *^ (0) ^ B; and 

3. -ig G C and no U{a,j3) is in C. 



LEMMA 7 Suppose that (p is a formula of L{U, S) and q is an atom not appearing in 0. 
Then is M^-satisfiahle iff there is some fully [0, l]-satisfiable (0, q) -relativized *'!'{(/)) -mosaic. 

PROOF: Let * = *^ and let ( :]0, 1[^ R be any order preserving bijection. 
Suppose that is M-satisfiable. Say that S = {M.,<,g), sq G M and 
S, So 1= 0. Let T = {[0,1], <,h) where: 

1. for atom p ^ q, h{p) = {t g]0, 1[|C(^) ^ 9{p)}'i and 

2. %)=]0,1[. 

An easy induction on the construction of formulas in C1(*0)) shows that T, (^^{sq) \= 
*0 and so mos^(0, 1) is the right mosaic. 

Suppose mosaic {A,B,C) = mos(0, 1) from structure T = {[0,1], <,h) is 
a (0, g)-relativized *(0)-mosaic. Thus q E B and -iq E A (1 C. Define S = 
(M, <,g) via s G g{p) iff C~^(s) G h{p) for any atom p (including p = q). As 
-I * (p ^ B there is some z such that < 2; < 1 and T, z |= *0. It is easy to 
show that S, ({z) |= 0. D 

Our satisfiability procedure will be to guess a relativized mosaic {A, B, C) and then 
check that {A, B, C) is fully [0, l]-satisfiable. Thus we now turn to the question of deciding 
whether a relativized mosaic is satisfiable. 



5 Shuffles 

A game can be played by two players with mosaics: one player provides full decompositions 
for the mosaics chosen by the other. We will not develop this idea here but we will examine 
some structures which correspond to tactics in this game. In this section we will consider 
the most complex such structure: the shuffle. 

We shall write (pi, ...,Pn) for the sequence of mosaics containing pi, ...,p„ in that order. 
We shall write tt ^p for the sequence resulting from the concatenation of sequences tt and 
p in that order. Sequences will always be finite. 

DEFINITION 15 Suppose < r, each \i{l < i < r) is a non-empty composing sequence 
of (f)-mosaics, and Pq, ..., Pg (0 < s) are maximally propositionally consistent subsets of Clcp. 
Suppose (jy-mosaic o = {A, B, C) and: 

m'={A,B,Po); 

y, = {P,,B,P,+^) {Q <i < s - I); 

ys = {Ps,B,Po); 

m" = {Po,B,C); and 

f^= {yQ,---,ys)- 

If r = suppose X= {), the empty sequence, but otherwise, ifr>0, suppose: 
Ai is the start of the first mosaic in Xi{l < i < r) ; 
Ci is the end of the last mosaic in Xi{l < i < r) ; 
Xo= (Po,5,Ai); 
Xi = id, B,Ai+,), (l<2<r-l); 

Xr = [Cr, B, Pq); 

A = (xo)^Al^(a;l)^..^A,^(x,). 

Further suppose that m' , m" , and each yi and Xi are mosaics. 

Then we say that o is fully decomposed by the tactic shuffle {{Pq, •••, Ps), (Ai, ..., A^)) iff 
the following conditions all hold: 
Fl. a is fully decomposed by {m') ^X ^p ^{m"); 
F2. if r > 0, xq is fully decomposed by X ^p ^{xq); 
F3. if < i < r, Xi is fully decomposed by 

(x,) ^A,+i ^(x,+i) ^.. ^A, ^(x,) V ^(xo) ^Ai ^(xi) ^.. ^A, ^(x,); 
F4. if r > 0, Xr is fully decomposed by (xr) ^p ^X; 
F5. ifO<i< s, yi is fully decomposed by {yi,yi+i, ...,ys) ^X ^{yo, ...,yi); 
F6. ys is fully decomposed by {ys) ^X^p. 



The term shuffle has been used in the literature (see, for example, |[LL66|| or |PG85|| ) 



to refer to a certain method of constructing a monadic linear structure from a thorough 
mixture of smaller linear structures. The intention here is similar. 

Note that as s > there is at least one Pi involved in the shuffle. In a general linear 
order setting we could define a shuffle with no PjS (provided that then r > 0) but over the 
reals it turns out to be crucial to require at least one Pi. This ensures that the mosaic is 
satisfiable in a structure on a separable linear frame. 

8 



For the purposes of algorithmic checking of shuffles we find it convenient to have a 
different characterization of shuffles. First a couple of helpful properties. 

DEFINITION 16 Suppose G L{U, S) and m is a (j)-mosaic. We say that an MPC 
set Q C C1(0) satisfies the forward K{m) property iff for any U{a,(3) G C1(0) we have 
U{a,(3) ^ Q iff' both (3 G cover(m) and (at least) one of the following holds: 

Kl r-u a ^ cover (m); 

K2 a G end(?72); or 

K3 /3 e end(m) and U{a,(3) G end(m). 
The mirror image is the backwards K{m) property. 

LEMMA 8 Suppose G L{U, S),m= {A, B, C) is a (j)-mosaic, and each Pi C C1(0) (0 < 
i < s) and each Xi {1 < i < r) is a sequence of (f)-mosaics. 

Then m is fully decomposed by the tactic shuffle {{Pq, ..., Ps), (Ai, ..., A^)) iff the follow- 
ing seven conditions hold: 

50 B is a subset of each Pi and of the start, end and cover of each mosaic in each A^; 

51 each Pi satisfies both the forward and backwards K{m) property; 

52 the start of the first mosaic in each Aj satisfies the backwards K{m) property; 

53 the end of the last mosaic in each Aj satisfies the forwards K{m) property; 

54 A satisfies the forward K{m) property; 

55 C satisfies the backwards K{m) property; 

56 if 13 & C1(0) but r^ (3 ^ B then either j3 is contained in some Pi or 
13 is contained in the start or end of some mosaic in some Aj. 

PROOF: 

Consider the forward direction of the proof. Suppose m = {A, B, C) is fully 
decomposed by the tactic shuffle ((-Po, •••, -Ps), (Ai, ..., A,.)). 

By FO, we have a decomposition for m including each Aj and mosaics with 
each Pi in their starts or ends. 5*0 follows. 

We now establish condition SI. Each Pi is an MPC by the definition of a 
shuffle. To show the forward K{m) property for Pi, suppose that U{a,l3) G Pj. 
We consider the case when i < s: the case with i = s is similar. We know (F4- 
F5) that yi = {Pi,B,Pi+i) is fully decomposed by {yi,...,ys) ^\ ^{yo, ...,yi). If 
U{a, P) is a type 1 defect in y, then it is cured in this decomposition and we 
can conclude that (3 is in the cover B of the first mosaic yi. If U{a, (3) is not a 
type 1 defect in yi then (3 G cover(|/j) = B as well. Thus in any case j3 E B. 

I claim that U{a,l3) G A. If not then -^U{a,j3) G start(m) and coherency 
CI. 2 of m implies that -^U{a,(3) E B C Pi. This is a contradiction to the 
consistency of Pi. 

So U{a,l3) G A is either a type 1 defect in m or not. In the former case it 
is cured in the full decomposition (-F1) for m and so a appears in the start or 
end of a mosaic in some Xj or in some Pj. Thus -la ^ cover (m) = B. This is 
Kl. 

9 



If U{a, (3) & A is not a type 1 defect in m then K2 or K3 holds by definition. 

We now show the converse part of the forward K{m) property for Pj. Sup- 
pose that both (3 G cover(m) and Kl holds: the cases of K2 or K3 holding are 
straightforward. Thus ~ a ^ 5, a is a type 3 defect in m and so a cure is 
witnessed in some Pj or in the start or end of some mosaic in some \j. Now 
look in the decomposition F5 (or F6) for Ui in which we have (3 holding in all 
starts, ends and covers and a appearing somewhere. A simple induction shows 
that we must have U{a,f3) in the very start Pj as required. 

To show the backwards K{m) property is the mirror image. 

Very similar arguments establish conditions S2 - S6. To show condition S2 
we just use the full decomposition (F2-F3) for Xj_i and reason about type 2 
defects. To show condition S3, use the full decomposition (F2-F4) for Xi and 
reason about type 1 defects. Conditions S4, S5 and S6 follow from using the 
full decomposition (Fl) for m and reasoning about type 1, 2 and 3 defects 
respectively. 

Now consider the converse: suppose that the seven conditions S0-S6 hold 
for mosaic m = (A, P, C). 

First we must show that each of m' , m", each yi and any Xj (as defined from 
m, the Pj and the Aj in the definition of a shuffle) are mosaics. This follows 
from 

CLAIM 1 // the MFC D C C1(0) satisfies the forward K{m) property, the 
MFC E C C1(0) satisfies the backwards K{m) property and B C D H E then 
(D, B, E) is a mosaic. 

PROOF: We must check the first two coherency conditions. The 
mirror images are mirror images. 

(CI). Suppose ^U{a,(3) eD and /SeB. 

First we establish that we must have U{a, 13) ^ A. Suppose not for 
contradiction. Since U{a,l3) ^ P, Kl does not hold and so -la G P, 
K2 does not hold and so -^a G C and K3 does not hold and so either 
P ^ C oi U{a, 13) ^ C . We have a contradiction to the coherency 
(C2.1) of m. 

(Cl.l). First, we show -la G E. Otherwise, -la ^ B C E. Thus, 
by Kl, U{a,l3) G P and we have our contradiction. 

Next we show that either -i/3 G P or -^U{a,P) G P. Suppose 
instead that /? G P and U{a,p) e E D B. Thus ^U{a,P) ^ P. By 
coherency CI. 2 of {A,B,C), we must have U{a,P) G A which is a 
contradiction. 

(CI. 2). We show that -^a e B and -^U{a,f3) G P. We can not 
have -la ^ P, as then Kl implies U{a,f3) G P. We can not have 
-iP(q;,/3) ^ P as then coherency (CI. 2) of m implies U{a,P) E A, a. 
contradiction. 
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(C2). Assume U{a,l3) G D and -la G B. By the forward K{m) 
property for D, j3 & B C E and, since -la G B, either K2 or K3 holds 
(for C). By the coherency Cl.l of m we can conclude that we can 
not have -^U{a,(3) G A. Thus U{a,(3) G A and C2.2 of m implies 
that U{a, P) E B C E as required. D 

Next we must check the fullness of the decompositions. This follows by 

CLAIM 2 Suppose D and E are as in the previous claim. 

Furthermore, suppose the sequence a of mosaics composes to {D, B, E) such 
that for each {3 G C1(0) with r^ [3 ^ B, there is a mosaic in a other than the 
very first which includes j3 in its start. 

Then {D, B, E) is fully decomposed by a. 

PROOF: Type 1 defects: Suppose f/(a,/9) G £> is a type 1 
defect of (Z^, i?, E). By the forward K{m) property for D, (3 E B. 

As U{a, P) is a type 1 defect a ^ E and either P ^ E or U{a, P) ^ 
E. By coherency C2 of (Z), B, E), -la ^ B. So ~ a ^ -B and a must 
appear in a non-first mosaic in a and we have our cure. 

Type 2 defects: mirror image. 

Type 3 defects: Suppose p G C1(0) but ~ /3 ^ B. Thus p 
appears in the start of a non-first mosaic in a. We have our witness. 
D 

Thus m is fully decomposed by the tactic shuffle ((Pq? •••) Ps), (^i, ..., A^)) as 
required. D 

6 Real Mosaic Systems 

In this section we define a concept of a collection or system of mosaics in which each member 
is decomposable in terms of simpler members. First another tactic for decomposition. 

DEFINITION 17 Suppose G L(U, S), m is a (p-mosaic and a is a non-empty sequence 
of (p-mosaics. Then, we say that m is fully decomposed by the tactic lead((T) iff (m) ^a 
is a full decomposition of m. We say that m is fully decomposed by the tactic trail(cr) iff 
o ^(m) is a full decomposition of m. 

DEFINITION 18 For G T{U^ S), suppose S is a set of (f)-mosaics and n > 0. 

A (f)-mosaic m is a level n"*" member of S* iff' m is the composition of a sequence of 
mosaics, each of them being either a level n member of S or fully decomposed by the tactics 
lead(cr) or trail((T) with each mosaic in a being a level n member of S. 

A (p-mosaic m is a level (n -|- 1)~ member of S* iff m is the composition of a sequence 
of mosaics, each of them being either a level n'^ member of S or fully decomposed by the 
tactics lead(o') or trail(o') with each mosaic in a being a level n^ member of S . 
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A (p-mosaic m E S is a level n member of S* iff rn is the composition of a sequence of 
mosaics with each of them being either a level n^ member of S or a mosaic which is fully 
decomposed by the tactic shufile((Po5 ■■■,Ps), (o"i, •••,o"r)) with each mosaic in each cXi being 
a level n^ member of S. 

Note that it is generally possible for mosaics to be level members of some S provided 
that they are compositions of mosaics which can be fully decomposed by shuffles in which 
there are no sequences (ie, r = 0). 

DEFINITION 19 For G L{U,S), a real mosaic system of (p-mosaics is a set S of 
(p-mosaics such that for every m E S there exists some n such that m is a level n member 
of S. For any n we say that S is a real mosaic system of depth n iff every m E S is a level 
n member of S . 

7 Realizing Mosaics 

In this section we show that relativized mosaics which appear in real mosaic systems are 
satisfiable. To do so we define a concept of realization intended to capture the idea of a 
mosaic being satisfiable as far as internal information is concerned: ie we ignore formulas 
of the form U{a, 13) in the end or S{a^ 13) in the start. 

DEFINITION 20 Suppose that x < y from [0, 1]. We say that (p-mosaic m is realised 
by the map fi on the closed interval [x, y] iff the following conditions all hold: 

Rl. for each z G [x^y], fi{z) is a maximally propositionally consistent subset of Cl(f); 
R2. Suppose z G [x^y[. Then U{a,P) G fi{z) iff either 

R2.1, there is u such that z < u < y and a G ^{u) and for all v, 
if z < V < u then P G /i(f ) or 

R2.2, l3 G /i(i/), U{a,l3) G jiiy) and for allv, if z < v < y then P G fJ,{v); 
R3. the mirror image of R2 for S{a, (3); 
R4- fi{x) is the start of m; 
R5. fi{y) is the end of m; and 
R6. for each j3 G C10, j3 is in the cover of m iff for all u, ifx<u<y,f3E fi{u). 

LEMMA 9 If m is the composition of m' and m" with each of m' and m" having a 
realization on any closed interval of [0, 1] then for any x < y from [0, 1], there is fi which 
realises m on [x, y] . 

PROOF: Given x < y from [0, 1] choose any w with x < w < y. Let fi' 
realize m' on [x,w] and fi" realize m" on [w,y]. Define /i : [x,y] -^ p(C10) via: 



/ ^ f u (u), X < u < w 
liiu) = < ,;, \ . 

y jj, \u), w < u < y 



12 



... ^fc-1 hk hi 62 
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yo = y 



Figure 1: Realizing lead tactics 

It is straightforward to check that fi realizes m on [x, y] . Use the facts that 
end(m') = start(m") and cover(m) = cover(m') fl start(m") fl cover(m"). 
D 



LEMMA 10 Ifm is fully decomposed by the tactic lead(a") with each mosaic in a having 
a realization on any closed interval of [0, 1] then for any x < y from [0, 1], there is ji which 
realises m on [x,y]. There is a mirror image result for iiai\{a) . 

PROOF: Say a = {hi, ..., hk). Choose a sequence x < ... < y2 < yi < yo = y 
converging to x. For each i = 1,2, ..., and each j E J = {I, ..., k}, let /ijj realize 
hj on [yik-j+i,yik-j]. 

Define /i : [x,y] — > p(C10) via /i(x) = start (m),/i(?/) = end(m) = end{hk) = 
start(6i) and if z e]yik-j+i,yik-j], then put fi{z) = fii,j{z). 

I claim that /i realizes m on [x, y] . Consider the six realization conditions. 
The harder cases are conditions R2 and R6. There are several subcases and 
their converses and they all involve similar sorts of reasoning so we will just 
present a few for illustration purposes. 

To show the forward direction of R2 assume that z G [x,y[ and U{a,f3) G 
fi{z). The subcases concern whether z = x, z equals some yik-j < yo or z is in 
some ]yik-j+i,yik-j[. We must show that R2.1 or R2.2 holds. 

Suppose X = z and U{a, 13) G /i(x) is a type 1 defect in m. As (m, hi, ..., hk) 
is a full decomposition of m, a cure to this defect is witnessed in this sequence. 
We can conclude that /3 is in the cover of m and so in the starts, covers and 
ends of each of the 6j. We can also conclude that a is in the start of some hi 
and in the end of the preceding one hj (with j = kiii = 1). R2.1 follows easily 
with u = yk-j. 

Suppose X = z and U{a,P) G fi{x) is not a type 1 defect in m. So /3 G 
cover(m). If a G end(?72) then R2.1 holds. Otherwise R2.2 holds. 

Suppose U {a, (3) G fi{z) and z e]yik-j+i,yik-j[. SoU{a,f3) G fJ^i,j{z). Now hj 
is realized by fj,ij on [yik-j+i, yik-j] and so by R2 (for fj,ij) either R2.1 holds and 
we are almost immediately done or R2.2 holds. In this latter case (3 G end{hj), 
U{a, P) G end{hj), we may suppose -la G end{hj) and for all v, ii z < v < yik-j 
then P G fiij{v) = /i(f). 

Possibly there are some i' > and j' G J such that < i'k —j' < ik—j (so 



yik- 



< 



yiik-j'+i < yi'k-j' < yo) and either one of the following five holds: (3 ^ 
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cover(6j/); -la ^ cover(6j/); /? ^ end(6j'); a G end(6j'); or U{a,P) ^ end{bj/). 
If there is no such i',j' then it is straightforward to show that R2.2 holds and 
we are done. If there are such i',j' then we can suppose that they are chosen 
so that i'k — j' is greatest possible. It follows that U{a,P) G start(6j'). If 
R2.1 holds of yUj'j/ then it is easy to finish. So suppose not. Thus R2.2 holds 
of fii'jr and we can conclude via R6 that (3 G cover(6j'), (3 G end(6j') and 
U{a,(3) G end{bj/). Because R2.1 does not hold of fii>jr we can also conclude 
via R6 that -la G cover(6j/) and -la G end{bjr). This contradicts our choice of 
i' and j' and we are done. 

For the converse direction of R2, we assume that z G [x,y[ and either R2.1 
or R2.2 holds. The subcases concern whether R2.1 or R2.2 holds and whether 
z = X, z equals some yik-j < Vo or z is in some ]yik-j+i,yik-j[- We must show 
that U{a, P) G A*(^). 

Suppose R2.2 holds with z in some ]yik-j+i,yik~j[- So /9 G /i(y), U{a,P) G 
fi{y) and for all v, ii z < v < y then /? G /x(f ). A straightforward induction 
on i'k — j', using R2.2 for each /Xj/ ,,v shows that for all such numbers with 
< i'k — j' < ik — j, we have U{a,P) G fi{yi'k-j')- That U{a,P) G fJ'ijiz) 
follows immediately by using R2.2 on Hij. 

For the forward direction of condition R6, suppose f3 is in the cover of m. 
Thus f5 is in the start, end and cover of each hi as they compose (with m itself) 
to m. Also note that the end of bk is the same as the start of bi. By conditions 
R4, R5 and R6 for each /ijj, P G fi{z) for each z G [yik-j+i, yik-j] as required. 

For the converse direction of condition R6, suppose, for all u E]x,y[, P G 
n{u). It is clear that P is in the cover, start and end of each 6j. If P was not 
in the cover of m then the fact that (m, bi, ...,bk) is a full decomposition of m 
would imply that ~ P would be in the start of some bi. Hence, by contradiction, 
P is in the cover of m as required. D 

Recall that a linear order (T, <) is separable iff there is countable set Q C T such that 
if s < t are from T then there is q & Q such that s < q < t. Clearly M is separable with Q 
being a dense countable suborder. 

LEMMA 11 Suppose x < y are from [0, 1], < r and < s. 

Then there are sets Ki, ...,Kr of closed intervals of]x,y[ and sets Rq, ...,Rs of elements 
of]x,y[ such that: 

• if [a,b] G Ki and [c,d] G Kj and [a,b] and [c,d] are not disjoint then i = j , a = c 
and b = d; 

• if [a, b] G Ki then [a, b] is disjoint from Rj; 

• ^/ ^ 7^ J then Ri and Rj are disjoint; 

• ifu<v are from [x, y] and are not both in the same interval in some Ki then for each 
j = 1, ...,r there is an interval in Kj which begins strictly after u and ends strictly 
before v and for each j = 0, ..., s there is some z G Rj such that u < z < v; 
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• every z E]x,y[ appears in some Rj or in some interval in some Ki. 

PROOF: We can proceed in a two stage construction as follows. Stage one 
is the construction of the Ki. If r = skip this stage. 

Stage one proceeds in uj rounds starting with round 0. Start with all the 
Ki empty. Before each round K = IJi<j<r -^« ^^^^ contain finitely many closed 
intervals within ]x, ?/[. So there will belinitely many open maximal intervals 
partitioning the complement of IJr ^^^j^[u, v] within ]x, y[. Call these the spaces 
left before that round. 

In round put [(2a; + y)/3, {x + 2y)/3] in Ki. In general, for each space 
]u, v[ left before round pr + q+l (for integers p > and q with < g < r), put 
[{2u + v)/3, {u + 2f )/3] in -K'g+i. Notice that we leave spaces on each side of 
the new intervals and these spaces are one third as wide as the original space. 

After 00 rounds we have our final KiS. 

We will now use the separability property of M to show that there are still 
plenty of points of ]a;, y[ not in any interval in any Ki. Let R be the set of these 
points. 

I claim that between every pair of intervals from |J Ki there are some ele- 
ments of R. To show this by contradiction suppose that no element of R lies 
between [a, 6] and [c, rf] (where b < c). So, for every w &]b,c[ there is some 
interval /«, G |J iCj with w E Iw 

Let {S,-<) be the ordering of intervals from [jKi which lie within ]b,c[ 
inherited from their elements. This is isomorphic to the rationals order as it is 
countable, dense and without endpoints. 

Thus the order {S, -<) has an uncountable order (G, -<) of gaps. Define 
a map / : G ^ M as follows: given a gap 7 in S*, let X = {x G M | 
a; lies in some [u,v] G S* with [u,v] -< 7}. Let /(7) = sup(X) which exists 
as X C M. Clearly / is order preserving and one-to-one. Furthermore, if 7 < (5 
are gaps of S then there is [u,v] G S between them. Thus b < f{j) < u < 
V < f{6) < c and u must also be strictly between the interval //(^) from S con- 
taining 7(7) and the interval Ifi^s) from S containing f{S). These two intervals 
must be disjoint. 

Thus {//(7) I 7 G G} is an uncountable set of pairwise disjoint non-singleton 
intervals of M. This clearly contradicts separability. 

Thus i? is a set of points densely located between the intervals in the Ki or, 
in the case that r = 0, R =]x, y[. 

It is straightforward to partition R densely into the pairwise disjoint Rq, ...,Rs 
as required. 

D 

LEMMA 12 If m is fully decomposed by the tactic shufile((Po) •••? -Ps); (-^ij •••) -^r)) with 
each mosaic in each Aj having a realization on any closed interval of [0, 1] then for any 
X < y from [0, 1], there is v which realises m on [x,y]. 
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PROOF: Let Ki, ...,Kr and i?o, •••, -Rs be as constructed for [x, y] in lemma pT 

Suppose 1 < i < r and Aj = (si, ..., Se(i)). For each interval [u,v] G -ft'j 
choose a sequence m = wq < wi < u^2 < ••• < We(j) = v and for each j = 
1, ..., e{i), let /(m, f , j) be the interval [wj-i, Wj]. Let i^n.^j realize Sj on /(«, f , j). 

Define z/ via i^(x) = start(m), i>{y) = end(m), for each z in I{u,v,j) within 
an interval [u, v] from Ki, v{z) = i'u,v,j{z) and for each z G Ri, v{z) = Pi. Note 
that z may lie at the end of some I{u, v,j) and the beginning of I{u, v,j + 1). 
In that case, the fact that the mosaics in each Aj compose will guarantee that 
fj,{z) is well-defined. 

I claim that u realizes m = {A, B, C) on [x, y]. Consider the six conditions. 
The harder cases are conditions R2 and R6. It is useful to consider condition 
R6 first. 

For the forward direction of condition R6, suppose j3 is in the cover of m. 
By lemma |^ SO, /5 is in each Pj and in the start, cover and end of each mosaic 
in each Aj. So (3 is in z/(^) for each z in each Ri and in each I{u,v,j) in each 
[u,v] in each K^. Thus /3 G u^z) for each z E]x,y[ as required. 

For the converse direction of condition R6, suppose, for all u E]x,y[, j3 G 
z/(u). For contradiction suppose that (3 is not in the cover of m. Thus ~ /3 is 
a type 3 defect in m and this is cured in the full decomposition Fl. Thus ~ /? 
appears in the start of a mosaic in A or in /i or in the start of m". Thus ~ (3 
appears in the start of a mosaic in one of the Aj or appears in one of the Ai, Ci 
or Pi. Thus r^ P & u{w) for w being the start of some I{u,v,j) for some [u,v] 
in some Ki or for w where some [u, w] is in some Ki or for w in some Ri. Thus 
/3 can not be in z/(w) and we have our contradiction. Hence, [3 is in the cover 
of m as required. 

To show the forward direction of R2 assume that z G [x,y[ and U{a,f3) G 
z/(z). The subcases concern whether z = x, z is in some Ri or z is in some 
I{u,v,j) for some [u,v] in some Ki. We must show that R2.1 or R2.2 holds. 
Again there are several subcases and their converses using similar sorts of ar- 
guments. We give a selection for illustration purposes. 

First consider z = x. So U{a,/3) G z/(a;) = A. Now m is fully decomposed 
by (m') ^A ^/i ^{m") so, by definition of a full decomposition, either (1) U{a, (3) 
is a type 1 defect cured in the decomposition or {2) [3 E B and either { [3 E C 
and t/(a,/3) G C) or a G C. These latter conditions (2) give us the desired 
result immediately. 

If U{a,l3) G A is cured in the full decomposition of m then it is clear that 
13 is in the cover of the first mosaic, m' . But this cover is B itself so (3 E B 
and P G z/(t>) for all v E.]x, y[. Now a appears in the end of a mosaic in the full 
decomposition and so in z/(m) for some u e]x, y[. Thus we are done. 

Now consider the case oi z E Ri with f/(a,/3) G 1^(2) = Pj. The case of 
i = s is a slightly special case of what follows and can be proved with slight 
modifications so we will omit that case. Assume < i < s. 

Thus yi = {Pi, B, Pj+i) is fully decomposed by {yi, ..., ys) ^A ^{yo, ...,yi) and 
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we must have P G cover(|/j) = B. This is whether or not U{a, 13) G Pj is a type 
1 defect in yi or not. By the argument above for the R6 case, (3 G v{v) for all 
V e]x,y[. 

If ~ q; ^ -B then a is a type 3 defect in m and thus is cured in the full 
decomposition. Thus a appears in the start of a mosaic in A or in /x or in the 
start of m" . Thus a appears in the start of a mosaic in one of the Aj or appears 
in one of the Aj, Ci or Pi. Thus a G v{w) for w > z being the start of some 
/(■u, f , j) for some [m, v\ in some Ki or for w where some [m, w\ is in some Ki or 
for w in some Ri. Combined with the observation about {3 this gives us R2.1. 

Otherwise, ^ a & B and so coherency CI. 2 along with the fact that 
-if/(Q;,/9) ^ B gives us U{a,l3) G A. By the fullness of the decomposition 
of m, either a appears in the start of a mosaic in A or in /i or in the start of m" 
(and we proceed as above), a & C (and R2.1 holds) or /9 G C and U{a, l3) E C 
(and R2.2 holds). We are done. 

The case of z in some I{u,v,j) for [u,v] G Ki is similar but a little more 
complex. 

For the converse direction of R2, we assume that z G [x,y[ and either R2.1 
or R2.2 holds. The subcases concern whether z = x, z is in some Ri or z is in 
some I{u,v,j) for some [u,v] in some K^. We must show that U{a,P) G i^{z). 

Consider just the case of R2.1 holding for z in some I{u',v',j) for some 
[u',v'] in some Ki. Let u' = wq < wi < ... < We(i) = v' be such that each 
I{u',v',j) = [wj-i,Wj]. Thus Wj-i < z < Wj. We have z < u <y and a G //(m) 
and for all v, j3 & '^{i^)- There are three possibilities for u. 

Suppose z < u < Wj. Thus R2.1 holds for i^u',v',j and so U{a,P) G ^{z) = 

^u',v',j{z). 

Suppose z < Wj < Wj' < u < Wj'+i < We{i). By R2.1 or R2.2, U{a,P) G 
v{wji). An easy induction using R2.2 establishes that U{a.,j3) G i^{wj). Then 
R2.2 gives us U{a,j3) G u^z) as required. 

Suppose We{i) < u < y. For each i = 0, ..., s, choose w E]we(i),u[ with w G 
Ri. So /5 G u^w) = Pi. For each i' = 1, ...,r, choose [u",v"] G -K'j' with We{j) < 
u" < v" < u. Say Aj/ = (si, ..., Se(j')) and for each j' = l,...,e(i'), I{u",v",j') = 
[w'j,_^,w'j,]. Now/3 G z/(w^v_i) = start(sj),/5 G n«,//g[^^,,_^,^/,] z^(w") = cover(sj/) 

and P G z^(w^/) = end(sj/). We can conclude P G z/(f') for all v' E]x,y[ and so 
by R6 that /3 G -B = cover(i?) and so in the cover of all mosaics in each Aj/ and 
each Xi' and each ?/»/. 

There are two cases now: either ~ a G -B or not. Suppose ~ a G -B so 
that r^ a E u^w) for all w E]x,y[. So a; ^ z/(w) for any such w. We know that 
a G ^{u) so it follows that u = y. Thus a G end(m). Coherency Cl.l implies 
that f/(a;,/3) G start(m) and C2.2 gives us U{a,P) G cover(m) = B. By R6, 
U{a,P) G //(z) as required. 

The other case is that ~ a ^ i? so that a is a type 3 defect in m and so ap- 
pears in the start of a mosaic in some Aj/, at the end of some Aj/ or in some Pj/. If 
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i < r then Xi = {Ci, B, Aj+i) is fully decomposed by (xj) ^A^+i ^(xi+i) ^... ^A^ ^ 
{xr) V ^(xo) ^Ai ^(xi) ^... ^Ai ^(xi). Hi = r then x^ = (Ci,5,Po) is fully 
decomposed by (x,.) ^/i ^A. In either case /5 is in the starts, covers and ends of 
all the mosaics and a is in the start of one of the mosaics. A simple induction 
using coherency Cl.l tells us that U{a,P) G Ci. 

Now consider Aj = (si, ...,Se(j)) say with U{a,/3) G end(se(j))) and /5 in all 
the starts, ends and covers. A simple induction using coherency Cl.l gives us 
U{a, P) in the start and end of each Sj/. So we have /3 and U{a, [3) in Uij^Wj) = 
viwj). If 2; = Wj we are done. Otherwise, Wj-i < z < w < Wj. However, Uij 
realizes Sj on [wj-i,Wj] and so condition R2.2 gives us U{a,P) G i^i,j{z) = vi^z) 
as required. D 



LEMMA 13 Suppose that cj) G L{U,S), q is an atom not appearing in and m is a 
{(j),q) -relativized *'^{(j)) -mosaic which appears in a real mosaic system. Then m is fully 
[0, 1]- satis fiable. 

PROOF: let * = *p Given the real mosaic system S of *(0)-mosaics, we 
can easily proceed by induction on k to show that, for any x < y from [0, 1], 
for any level k member m E S there is /i which realises m on [x, y]. Each step 
of the induction is just a use of one or two of the preceding lemmas P, |l^, its 
mirror image and |T^. 

So we have /i which realizes m on [0, 1]. Define /i by t G h{p) iff p G /i(t) 
and let T = ([0, 1], <, /i). 

I claim, for all a G C1(*^(0)), for all t G [0, 1], T, t |= a iff a G /i(t). 

This is a straightforward proof by induction on the construction of a. The 
case of [/(a, (5) is as follows. 

Note that if U{a,j3) G C1(*^(0)) then f/(a,/3) < >k^(0) and so both a and 
f3 are also in C1(*^(0)) by lemma |^. 

First suppose T, t |= U{a,(3). Thus there is s > t with < t < s < 1, 
T, s 1= a and for all m, if t < m < s then T, m |= /5. By the inductive hypothesis, 
a G /i(s) and for all m, if t < u < s then [3 G l^iu). By R2, f/(a,/?) G /i(t) as 
required. 

Now suppose f/(a,/3) G /i(t). Note that t < 1 as no U{^,5) is in yu(l) = 
end(rri) as m is relativized. By R2, either R2.1 or R2.2 holds and it can not be 
the latter as that entails f/(a,/5) G /i(l) amongst other things. So R2.1 holds 
and there is s with t < s < 1, a G /u(s) and for all m, if t < m < s then [3 G niu). 
It follows via the inductive hypothesis that T, t |= U{a,(3) as required. 

From the claim and conditions R4, R5 and R6 on realization, it follows that 
start(m) = {a G a(*^(0))|r,O |= a}, end(m) = {a G C1(*^(0))|T, 1 h "} 
and the cover of m contains exactly those a G Cl(*^((/))) which hold at all 
points in between and 1. Thus m = mos^(0, 1) as required. D 
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8 Decomposition trees 



In this section we begin to show the converse of the last lemma, to show that satisfiable 
mosaics appear in real mosaic systems. Here we show how to arrange decompositions for 
satisfiable mosaics into a tree structure. 

LEMMA 14 Suppose T = ([0, 1], <, h) is a structure, G L{U, S), and < xq < xi < 

... <Xn<l- 

Then the composition of {m.os{xo,xi),'mos{xi,X2), ■■■,Taos{xn-i,Xn)) is m.os{xQ,Xn)- 



LEMMA 15 Suppose G L{U,S) and T = {[0,1], <,h). If m = raos{x,y) for some 
X < y from [0, 1] then there is some sequence x = xq < xi < ... < Xn-i < Xn = y such 
that {m.os{xQ,Xi), ...,m.os{xn-i,Xn)) is a full decomposition of m. Furthermore, the Xi can 
he chosen so that no Xj^i — Xj is greater than half of y — x. 

PROOF: We will choose a finite set of points from ]x,y[ at which we will 
decompose m.os{x,y). For each defect 6 in m.os{x,y) = {A,B,C) choose some 
Us or zs witnessing its cure between x and y as follows. 

If (5 = U{a,j3) G A is a type 1 defect then it is clear that there must be 
Us E\x,y[ with T,us \= a and for all v e\x,us[, T,v |= 13. Similarly find 
Us E\x,y[ witnessing a cure for type 2 defects. 

If (5 G C10 is a type 3 defect in mos(x, y) then it is clear that there is 
Zs g]x, y[ with T, zs |= 5. 

Collect all the uss and zss so defined into a finite set and add the midpoint 
(x + y)/1 of X and y. Order these points between x and y a.s x = Xq < Xi < 
X2 < ... < Xn < Xn+i = |/. Note that some points might be in this list for two 
or more reasons. 

It is clear that because of our choice of witnesses, the sequence of mos(a;j_i, Xj) 
is a full decomposition. D 

DEFINITION 21 

1. A tree here is just a set (of nodes), partially- ordered by a binary irreflexive ancestor 
relation such that the set of ancestors of any node is finite and well-ordered (by the ancestor 
relation) and there is a (unique) root (ie, ancestor of every other node). 

2. The depth of a node with n ancestors is n -\- 1. So the root has depth 1. 

3. An ordered tree is a tree with finite numbers of children for each node and an 
earlier-later relation which totally orders siblings. 

4. A decomposition tree is an ordered tree with each node labelled by a pair {x,y) of 
elements of [0, 1] such that x < y and such that if node g is labelled by {x,y) and has 
children labelled by {xo,yo), ..., {xn,yn) in order then x = xq < yo = xi < yi = X2 < ... < 

y-a-l = Xn < yn = y- 
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5. A decomposition tree is tapering iff for all nodes g, and children h of g, if g is 
labelled by {x, y) and h is labelled by {u, v) then v — u is at most half of y — x. 

6. In the context of a structure ([0, 1], <, h) and a formula cj), we say that the (p-mosaic 
m is the mosaic label of a node g of a decomposition tree iff g is labelled by {x, y) and 
m = mos(a;, y). 

7. IfT = ([0, 1], <, h) is a structure and (p G L{U, S), then we say that a decomposition 
tree is (T, 0)-full iff for each node g, if g has children then the mosaic labels on the children 
in order form a full decomposition of the mosaic label of g. 

8. A {T,(j))-full decomposition tree is complete iff every node has children. 

In diagrams, we will represent earlier-later by left-to-right ordering and ancestors above 
descendents. 

An ordered tree has a depth-first earlier-later total ordering of its nodes. We will call 
this the lexical ordering and sometimes restrict it to leaf nodes. 

LEMMA 16 Suppose T = {[0,1], <,h) is a structure, G L{U,S), and < x < y < 
1. Then m.os{x,y) is the mosaic label of the root of a complete and tapering {T ,(j))-full 
decomposition tree. 

PROOF: Say m = mos(t~, t"*") for t~ < t~^ from [0,1]. Construct a de- 



composition tree with root labelled by (t ,t+) by repeated use of lemma |T5. 
D 

Consider the sequence of labels {u, v) along any infinite branch r^ of a tapering (T, 0)-full 
decomposition tree D. Because we have included the mid-points of each {u, v) in the labels 
of the children of that node, this sequence of pairs will converge to some r G [0, 1], ie if the 
labels of nodes in order along rj are {xo,yo), {xi,yi), ... then both sequences xq < xi < ... 
and yo > yi > ... converge to r. To see this, just note that the spread {v — m) of a node's 
label is at most half that of its parents. Call r = limit (77) the limit of 77. 

Note that if node / is a child of node g then the cover of the mosaic label of / includes 
(as a subset) the cover of the mosaic label of g. This is a simple property of compositions 
of mosaics. The cover of the mosaic label of the child may be strictly bigger. However, it 
may be equal. We are interested in infinite branches in such a D along which the cover of 
the mosaic labels remains the same forever. 

DEFINITION 22 Suppose H C C10. Say that the infinite branch t] G D is an infinite 
if -branch iff there is a node e & rj labelled with a mosaic of cover H such that every node 
f E rj which is a descendant of e is labelled with a mosaic with cover H . 

DEFINITION 23 We say that the infinite branch rj lies after the node k in an decom- 
position tree iff k does not lie on rj and there are some nodes of rj which lie lexically after 
k. 

We say that the infinite branch rj lies before the node k in an decomposition tree iff all 
the nodes of rj lie before k. 

We say that the branch rj lies before the branch 9 iff some node of 9 lies after rj. 
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Note the slight asymmetry in the definitions here refiecting the choice that descendents 
of a node will be lexically ordered after the node, rather than before. 

LEMMA 17 Suppose a node lies on an infinite H -branch. Then there is a lexically first 
such branch and a lexically last one. 

PROOF: To find the first branch, start at the node and recursively move to 
the first child of the current node which lies on an infinite iJ-branch. D 



LEMMA 18 Suppose k is a node labelled by {k-,k+) in a decomposition tree with root 
labelled by {g^.,gj^). 

Then there is a sequence kj^ = xq < xi < ... < Xn (possibly with n = and k+ = xq = 
Xn) with each {xi,Xi^i) the label of a leaf node of the tree and either: 

• Xn = g+ and there are no infinite branches after k, or 

• there is a node e labelled by (e„,e+) lying on an infinite branch with a;„ = e„. 
There is a mirror image. 

LEMMA 19 Suppose that E is a tapering (T,(f))-full decomposition tree such that every 
sibling of a leaf is itself a leaf. 

Suppose the root node g E E is labelled by {x,y) such that m.os{x,y) has cover H. 
Also suppose that g lies on an infinite H -branch. Suppose rj is the lexically first infinite 
H -branch on which g lies and limit (r^) = r. 

Then x < r. 

If X < r then there is a sequence x = Xq < Xi < X2 < ... < Xn < r such that n > and 
each {xi, Xj+i) is the label of the parent of leaf node in E. 

Furthermore, the sequence can be chosen such that if Xn < r then there is a sequence 
Xn = Vo < yi < ■■■ < y-m < f^ such that m > and: 

• each {yi,yi+i) is the label of a leaf node in E; 

• mos{yo,r) is fully decomposed by (mos(i/o,yi), •••, mos(i/„„i,|/„), mos(|/„,r)); 

• and mos(|/m, r) = mos(|/o? f^) ■ 

There is a mirror image result with rj being the lexical last branch on which g lies. 

PROOF: Suppose that the mosaic h appears infinitely often as a mosaic 
label along rj in the tree E. Thus the cover of h is H . 

For each 5 = S{a, 13) G C10 such that T, r |= 5 choose us < r such that 
T,us \= a and for all w E]us,r[, T, us \= 13. We say that l3 G C1(0) is constantly 
true for a while before r iff there is some x' < r such that ii x' < w < r then 
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T, Xj3 1= (3. For each (3 G C10 such that f3 is true for a while before r choose 
some xp < r such that if x^j < w < r then T, X/j |= /?. Now choose any node 
ko & rj strictly below g and labelled by («', v') such that u' is strictly greater 
than each us and each X/j. This can be done as v' — u' halves in each generation 
but always u' < r <v' . 

Now say that h appears as nios(A;_, fc+) for some node k E rj below k^ and 
labelled by (A;_, A;+). 

Let /i, ...,/„ be the sequence of parents of leaf nodes of E before k in order. 
By the mirror image of lemma |18|, there is a sequence x = xq < xi < ... < Xn = 



fc_ such that the label of each fi is (xj_i, Xi). Note that we apply lemma |T8| to 
the subtree of E without the leaf nodes of E. In the statement of the lemma we 
required that all siblings of leaves are themselves leaves in order to guarantee 
that this subtree is a decomposition tree. 

\i k_ = r then we are done. Assume A;_ < r. 

We say that a formula 7 is true (in T) arbitrarily recently before a point 
z G T iff for every z' < z there is some z" G T with z' < z" < z and T, z" \= 7. 
For each (3 G C10 which is true arbitrarily soon before r, choose some S/3 such 
that k_ < Sj3 < r and T, sp \= (3. Now find a node k' E rj below k and labelled 
by {k'_, k'j^) such that mos(/c'_, fc^) = h and k'_ is greater than each sp. 

Let (?!,..., (yfp be the sequence of parents of leaf nodes of E below k and before 
k' in order. Let hi, ..., hm-i be the sequence of children in E of the gi in order. 
By the mirror image of lemma |18| (used in the subtree rooted at k), there is 
a sequence k_ = i/q < yi < ... < ym-i = k'_ such that the label of each hi is 

If k'_ = r then let fn+i, ■■■, fn' be the parents of leaf nodes of E below k and 
before k' in order. By lemma |T8| (applied to the subtree of E rooted at k and 
not including the leaf nodes from E), there is a sequence k_ = Xn < Xn+i < 
... < Xn' = k'_ = r such that each (xj, Xj+i) is the label of fi. The long sequence 
X = Xo < Xi < ... < x„ < ... < Xn' = r is as required and we are done. 

Now assume k'_ < r. Let b' = mos(A;_,r). I claim that mos(fc'_,r) = b' too. 
The start of both is the start of b. The end of both is just {a G C10|T, r |= a}. 
Finally the cover of both is just the set of /? G C10 such that f3 holds constantly 
for a while before r. 

We will now show that a = (mos(yo, Vi), ■■■, nios(|/m,-i, 1/m), nios(ym, r)) fully 
decomposes b'. The composition is b' = mos(|/o; f) by lemma |1^. 

Before we show that the decomposition is full consider the nodes below k. 
Say that the children of node k are fci, ..., kg labelled by (mq, mi), •••, (wg-i, Ug) 
respectively. Thus {inos{uo,ui), ...,mos{ug-i,Ug)) is a full decomposition of 
mos(fc_, k+) = b. Also k_ = uq < ui < ... < Ug-i < Ug = k+ and there is some 
j such that Mj_i < r < Uj and fc^ lies on rj. Because rj is the lexically first infinite 
branch on which k lies there are only a finite number of nodes (in E) below 
any ki with i = l,...,j — 1. Also, we can start with the sequence ki,...,kj_i 
and repeatedly replace a node from E by the sequence of its children in order 
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and end up with a prefix sequence oi hi, ..., hm-i and a corresponding sequence 
k- = uq = i/Q < Hi < 1/2 < ... < Hm = %-i- Note that uq < ui < ... < Uj_i will 
be a subsequence of this. 

Now let us return to consider defects in b'. 

Type 1 defects: Suppose U{a,P) G start(6') = start(6) is a type 1 defect 
oib'. 

If it happens that j3 ^ H = cover(6) then f/(a, j3) is also a type 1 defect in h 
and thus cured in the full decomposition {mos{uQ,Ui), ...,mos(Mq_i, Wg)). Thus 
the cure of U{a,l3) is witnessed in this sequence. Say a G end(mos('Uj_i,-Uj)) 
and 13 G f];~^(cover(mos(-u;_i,-u;)) fl end(mos('Ui_i,-u;))) fl cover(mos(-Ui_i,Mi)). 
As kj labelled by (mj-i, Uj) lies on rj, cover(mos(-Uj_i, Uj)) = H does not contain 
j3. Thus i < j. However, we have seen that then Ui appears as one of the yi' 
and thus we can find a witness to the cure of the type 1 defect U{a, 13) of h' in 
the decomposition a as required. 

Now assume P E H = cover(6) C cover(6'). For U{a,P) to be a type 
1 defect in b' we thus must have a ^ end(6') and either (3 ^ end(6') or 
U{a,P) ^ end(6'). Since U{a,P) holds at A;_ we must have a true some- 
where between A;_ and r. So a is a type 3 defect of mos(A;_, k^) and so cured in 
{m.os{uo,ui), ...,m.os{uq-i,Uq)). Thus a must appear in the end of mos(Mi_i,Mj) 
say. It can not appear after r as U{a,P) is not true at r so i < j. As above 
this implies a appears in the end of a mosaic in mos(t/j',|/i/+i) in a. 

Type 2 defects: No type 2 defects are possible in b'. Suppose S{a,P) G 
end(6'). It is not possible that (3 ^ cover (6') as us(a,/3) < k^. It is not possible 
that a ^ start (6') and P ^ start (6') as Us(a,i3) < k^. It is not possible that 
a ^ start(6') and S{a,P) ^ start(6') as Us(a,i3) < k-. 

Type 3 defects: Suppose (3 G C10 but ~ /9 ^ cover (6'). So ~ /5 does not 
hold constantly for a while before r and so is true arbitrarily recently before r. 
So Ho = k- < sp < yrn-i = k'_ < r and T, Sf^ \= {3. Say that Vj'-i < sp < yji. 

So sp is within the label of hj' whose parent is Qg say. Maybe (3 is in 
the start or end of mos(a_,a+) where {a_,a+) is the label of gg. Otherwise 
~ /3 ^ cover(mos(a_, a+)) and so (3 appears in the end of a mosaic in the full 
decomposition of gg. So P is witnessed in {m.os{yo,yi), ...,m.os{ym-2,ym-i)) as 
required. D 



DEFINITION 24 Say that the infinite B-branch rj in a tapering {T,(f))-full decomposi- 
tion tree is a i? -stick iff' there is a node e E rj which lies on only one infinite B-branch. 

9 Satisfiability implies existence 

In this section we do the main work of the paper and show that satisfiable mosaics appear 
in real mosaic systems with a certain bound on the depth. 
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LEMMA 20 Suppose ip G L{U^ S) has length L and that ip-mosaic irtQ is [0, 1]- satis fiahle. 
Then there is a real mosaic system of depth 2L containing niQ. 

PROOF: Say T = {[0,1], <,h), < t^ < t+ < 1 and mo = mos^(t(^,4). 
Let S be the set of all mos(a:, y) ior x < y from [0, 1]. Clearly mo G 5*. I claim 
that S* is a real mosaic system of depth 2L. 

In fact, I show that for all m G 5, for all c = 0, ...,2L, if m has cover 
containing at least 2L — c formulas then m is a level c member of 5*. We 
proceed by induction on c. Suppose that we have shown this for every c' < c 
and mosaic m = {A, B,C) G S has cover containing at least 2L — (c + 1) 
formulas. All full trees will be (T, ^)-full trees. 

CLAIM 3 There is a tapering full decomposition tree E with root with mosaic 
label m = {A, B, C) such that: 

1. all siblings of leaves are leaves, 

2. each leaf and each parent of a leaf is labelled by a level c"*" member of S , 

3. if a node of E lies on an infinite branch then its mosaic label has cover B, 
and 

4- E has no B-sticks in it. 

PROOF: Choose any g_ < g^ such that m = m.os(g^,g^). Use 



lemma ^ to find a complete and tapering full decomposition tree D 
with root with label {g_,g+). 

Let Eo be the sub-tree of D containing only the nodes with mosaic 
label with cover B and all their children and grandchildren. Thus, 
any leaf node in Eq and any parent of a leaf node in Eq will have 
cover strictly including B and, by the inductive hypothesis will be a 
level c member of S. Also, any sibling of a leaf node of Eq will also 
be a leaf node of £"0. 

Enumerate the 5-sticks in Eq. This can be done as for each stick 
C, we can choose some node e^ which lies on it and on no other infinite 
i?-branches. 

We can use a step by step process of gradually constructing E 
from Eq. Each step removes one stick ^ by only changing the subtree 
of Eq rooted at e^. The step introduces no other infinite 5-branches. 
So it suffices to just show how to so remove one 5-stick ^ from Eq to 
make a tree E'. 

Choose any node / G ^ below e^ (so / lies on no other infinite 
S-branches apart from ^). Say that fi, ..., fa are the children of / in 
order and fd lies on ^. Say that fa is labelled by (A;„, k+) and that 
the limit of ^ is r (so k^ < r < k+). 

To make E' we will just replace fd from Eq and all its descendents 
by a sequence of new children of / who will be parents of leaf nodes 
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in E' . The new children of / will lie later than /i, ..., fd-i and ear- 
lier than /d+i, ..., /a- In fact, we may replace fd by one sequence of 
children with labels partitioning the interval [A;_, r] and another later 
sequence with labels partitioning the interval [r, /c+]. Such a change 
can be seen to be as required in effecting a removal of i^ without any 
other infinite branches being introduced or even affected. Note that 
as the start of the mosaic label of the first new child of / will just 
be the same as the end of fd-i (or the start of / in case that (i = 1), 
and similarly for the end of the last new mosaic label, the children of 
/ in E' will still carry a full decomposition of the mosaic label of /. 

If /;;_ = r or r = A;+ then we do not add any new children in the 
first or second sequence respectively. Note that there will be some 
new children to add in one or other or both sequences as we can not 
have k- = r = k^. Here we just show how to construct the first 
sequence of new children with labels partitioning [A;_,r] in the case 
that A;_ < r. Constructing the later second sequence is via a mirror 
image argument. 

So suppose k_ < r. Lemma [l^ applied to the subtree E'^^ of Eq 
consisting of fd and all its descendents in Eq tells us we have two 
cases. 

Possibly there is a sequence A;_ = xq < xi < ... < x„ = r such 
that each (xj,Xj+i) is the label of a parent, Qi say, of a leaf node in 
Eq. In this case the earlier sequence of new children of / in E' will 
be new nodes ei, ...,e„+i with each Cj labelled by (xj_i,Xj). We also 
give each Cj leaf node children with exactly the same labels as the 
leaf node children of g^. We are done. 

In the other case there is a sequence k_ = xq < xi < ... < 
Xn < Xn+1 = r such that each {xi,Xi+i) with i < n is the label of a 
parent gi of a leaf node in E'q and a sequence Xn = yo < Vi < ■■■ < 
Um < Vm+i = r such that each (j/j, yi+i) with i < m is the label of a 
leaf node in E'q and m.os{ym, r) = mos(?/05 r) is fully decomposed by 
{mos{yo,yi), ...,m.os{ym,r)). In this case the earlier sequence of new 
children of / in E' will be new nodes Cq, ..., e„ with each Cj labelled 
by (xj,Xj+i). For i < n, we give each Cj leaf node children with 
exactly the same labels as the leaf node children of gi. Thus for 
i < n each mos(a;j,Xj+i) is a level c member of S. For the node e„ 
labelled by (x„, r) we give it m + 1 children, Cq, ..., e^ in that order. 
We label each e'j by {yj,yj+i). Now m.os{yo,r) = Taos{ym,r) is fully 
decomposed by tactic trail ((mos(|/05 Z/i); •••) nios(ym-i, ym))) and each 
of these mosaics are mosaic labels of leaf nodes in E'q and so are level 
c members of S. Thus inos{yQ,r) = mos{ym,r), the mosaic label of 
both e„ and e^ is a level c"^ member of S. Again we are done. D 
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Construct such an E with root g labelled by {g-,g+)- If E has no infinite 
branches then it is clear that the mosaic labels on the leaf nodes taken in lexical 
order form a decomposition of m. They are all in S and so we have our required 
decomposition. Thus m G S* is a level (c + 1)~ member of 5* and hence trivially 
a level (c + 1) member of S and we are done. 

We can thus assume that E has two or more infinite branches: a lone one 
would be a stick. Say that ?7oo is the lexically first one and 6*00 is the lexically 
last one. 

Possibly g- = limit (r^oo)- If not, ie if g- < limit (r^oo), then we can use 
lemma |1^ to find either a sequence of level c"*" members of S which compose 
to mos((?_, limit (?7oo)) or sequences ctq and po of level c"*" members of S and a 
mosaic 61, such that 61 is fully decomposed by trail(po) and ctq ^(&i) composes 
to mos(5'_, limit (77)). 

It follows that mos(5'_, limit (?7oo)) is the composition of level (c+ 1)~ mem- 
bers of S. Similarly, with ^00 , and g^. We are done when we show that 
o = mos (limit (7700)5 liniit(6'oo)) is fully decomposed by a shuffle of level (c+ 1)~ 
members of S. Then it follows that mos{g^,g^) is a level (c + 1) member of 
S as required. Note that if limit (t^oo) = limit (^00) then we would already be 
done, so we are assuming limit(r7oo) < limit(6'oo)- 

Let K = {(3 e Clipl ~ /? ^ S}, the set of type 3 defects in m. 

Let hi be the deepest node on both rjoo and 9oo. Let /i2 be any descendent of 
hi on rjoo which has two children which each lie on an infinite 5-branch. Such 
a node exists as ?7oo is not a stick. Let h^ be a child of /i2 which does not lie on 
?7oo but does lie on another infinite 5-branch. Clearly h^ has mosaic label with 
cover B and /13 is lexically after every node on 7700- 

Say that the children of h^ are go, ...,gN in order. Because the children are 
labelled with a full decomposition, each (3 & K appears in the start of some gi 
for z > 0. 

CLAIM 4 For each i = 1,...,N, if g^ is labelled by {x,y), there are two infi- 
nite B-branches 6' and rj' such that limit(^') < a; < limit(r7') and, z/limit(6'') < 
limit(?7') then, mos(limit(6''), limit(77')) can be decomposed as a non-empty se- 
quence of level (c + 1)~ member of S which includes some mosaic with start or 
end equal to start(mos(x, y)). 

PROOF: We find rj' and, if x < limit (77'), a sequence p of level c"*" 
members of S which composes to mos(a;, limit (77')). Finding 6' and a 
similar sequence u which composes to mos(limit(6''),x) is (almost) a 
mirror image. The sequence z/ ^/z will be as required. 

Note that a.s i > 1, gi will have a next earlier sibling gi^i which 
will be labelled with {w, x) for some w. 

Use lemma ^ applied to gi^i to find a node e labelled by (e_, e+) 
lying on an infinite branch of E and a sequence x = Xq < ... < Xn = 
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Figure 2: A family of gis 

e_ with each (xj, Xj+i) the label of a leaf node of E. Note that there 
is an infinite branch of E which lies after gi^i as 9^ does. 

Possible a; = e_ in which case let a' be the empty sequence 
of mosaics. Otherwise, if x < e_ then let a' be the sequence of 
mos(a;j, Xj+i)s in order. These are each level c^ members of S and 
the composition of the sequence is mos(a;, e_). 

Let 7]' be the lexically first infinite branch on which e lies. If 
e_ = limit (r]') then we are done as /x = a' will do. So suppose 
that e_ < limit (77'). We will find a sequence /i' of level (c + 1)~ 
members of S which compose to mos(e_, limit (77')) and then we can 
put fj, = a' ^fj.' and we will be done. By lemma |T9| we have two cases. 

Possibly there is a sequence of mosaic labels of parents of leaf 
nodes in E which compose to mos(e_, limit (77')) and we can use that 
as our /i'. 

The other possibility is that we have a sequence r of mosaic labels 
of parents of leaf nodes in E followed by one final mosaic b such that 
fi' = T ^{b) composes to mos(e_, limit (77')) and b is fully decomposed 
by the tactic trail((p)) where p is a sequence of mosaic labels of leaf 
nodes of E. Again the mosaics in r are level c"*" members of S and b 
is a level (c + 1)~ member of S and so we are done. D 
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Let {(^_i,?7_i), ..., {9^s,V~s)} and {{9i,rii), ..., (ft,., rjr)} be the sets of all the 
pairs of infinite 5-branches got using claim ^ on each gi for i = 1,...,N, 
such that each 6^j and rj^j have equal limits but each 6j and rij do not. 
For each j = l,...,s, let Pj = {/3 G C1'?/'|T, limit (?7_j) |= /5}. For each 
j = 1, ...,r let Aj be a sequence of level (c + 1)~ member of 5* which compose 
to mos (limit (6*^), limit (r^j)). By the claim and our original choice of go, .■.,gN, 
we can do this and ensure that for each (3 E K, either there is a Pj with (3 G Pj 
or a Xj with f3 in the start or end of some mosaic in Xj. 

Now choose any infinite branch ^o of E as follows. Start at g and proceed 
recursively. Choose a child of the current node which lies on an infinite branch. 
When there is a choice of such children (as there will be infinitely often) in- 
finitely often choose an earlier child, infinitely often a later child. Let s be the 
limit of ^0- Let Pq = {a G Clip\T, s \= a}. Also let tjq = 6q. 

Say that an infinite S-branch k' is left dense if for all nodes e G k' there is 
a descendent / of e in n' such that / has at least two children /' and /" on 
infinite 5-branches such that /' is earlier than /" but /" lies on k'. 

Define right dense as the mirror image. 

Note that due to the absence of sticks each infinite i?-branch is either left 
dense or right dense or both. 

CLAIM 5 Each Oj{—s < j < r) and 6oo is left dense and each rij{—s < j < r) 
and rjoo is right dense. 

PROOF: Each 6i{i ^ 0) and 6oo is found as the lexically last 
infinite 5-branch on which some node lies. Thus it can not be right 
dense. As it is not a stick it must be left dense. Similarly with rjoo 
and each rii{i ^ 0). 

6*0 was chosen to be left dense and right dense by construction. 
D 

CLAIM 6 IfU{a,j3) is true at the limit of a right dense infinite branch of E 
then j3 is in the cover of m. 

PROOF: Suppose t]' is a right dense infinite branch with limit s 
and P = {7 G Clip\'T',s \= 7}. If T,s \= U{a,P) then there is some 
t > s such that T,t \= a and for all m, if s < m < t then T,u \= p. 

Choose some node h E tj' labelled by {h_,h^) such that h+ — 
h^ < t — s which we can do as the width of labels halves with each 
generation. 

Since r]' is right dense we can choose some descendent h' of h with 
a child / on an infinite 5-branch and an earlier child /' lying on rj' . 
Say that / is labelled with (u, f). 

Clearly h_ < s < u < v < h^ < t. Thus (3 is in the cover of 
inos{u,v) which is just B. D 
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CLAIM 7 If a is a type 3 defect in m and 6 is a left dense infinite branch 
then a is true arbitrarily recently before limit (0). There is a mirror image using 
right dense infinite branches and arbitrarily soon afterwards. 

PROOF: Let limit (6') = s and t < s. Choose a node ni on 6 
labelled with {n~[,n^) such that t < n]^ < s. Choose a node n2 
on 6 below ni with two children n^ before 71,4 with 714 on 6 and n^ 
on another infinite branch. So t < n^ < n^ < n^ < n^ < s. 
Now the cover of mos{n^,n^) is B and a is a type 3 defect in m 
and so in mos(nj^, n^). Consider the full decomposition exhibited by 
the children of n^. Thus there is some non-first child n^ of n^ with 
a G start(mos(n^,n^)). Thus t < n^ < n^ < n^ < n^ < n^ < s 
and T, n^ |= a as required. D 

CLAIM 8 The cover ofoisB. 

PROOF: As Q-. < limit (?7oo) < limit (^00) < 9+, the cover is con- 
tained in B. For each (3 G C\{ip)\B., ~ /? is a type 3 defect in m and 
so by claim |^, (3 is true arbitrarily soon before limit (^00) • Thus ~ (3 
is also not in the cover of 0. D 

CLAIM 9 If rj is a right dense infinite branch of E then limit(r7) < limit(6'oo)- 
(And mirror image). 

PROOF: It is clear that limit(?7) < limit(6'oo)- We must rule out 
the case of limit (?]) = limit (6*00)- Choose any node n labelled by 
{n_,nj^) say on rj which has a later sibling n' labelled by {n'_,n'_^) 
on another infinite branch k, say. Thus limit (r^) < n+ < n'_ < 
limit (/t') < limit (^00) • Now choose a descendent p oi n labelled by 
(p_,p+) which lies on r) and has a later sibling p' lying on another 
infinite branch. Thus limit (r^) < p+ < p'_ < p\ <n^< limit (^00) as 
required. D 

CLAIM 10 Ifri is a right dense infinite branch of E then Q = {7 G Q\i\}\T ^ limit(r7) 
7} satisfies the forward K{o) property. There is a mirror image. 

PROOF: Suppose r/ is a right dense infinite branch. First suppose 
U{a,l3) G Q. By claim |^, /5 G cover(m) = B = cover(o). 

Now either a is a type 3 defect in m so ~ a ^ cover(m) (so Kl) 
or a is not a type 3 defect of m so ~ a G -B. However, U{a,(3) is 
true at limit (77) so there is s > limit (r^) with a true at s and (3 true 
everywhere in ] limit (r^), s[. Thus s > g^ and (3 is true everywhere in 
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]g-, s[. It follows that f3 and f/(a, [3) hold everywhere in ]g_, s[. Now 
g_ < hmit(6'oo) < (?+ < s so a holds at limit (6*00) if limit (^00) = 9+ = 
s or P and U{a,P) hold at limit(6'oo) if limit(6'oo) < s. Thus K2 or 
K3 holds as required. 

To show the converse suppose that (3 & B and Kl, K2 or K3 holds 
with respect to f/(a, (3) and the forward K{o) property. Thus [3 holds 
everywhere between limit (r^) and limit (^00 )■ If K2 or K3 holds then it 
is clear that U{a, (3) is true at limit(?7). If Kl holds then claims |^ and 
^ tell us that a is true somewhere in between limit (77) and limit (6'oo). 
Again it follows that U{a,(3) is true at limit (r^) as required. D 

CLAIM 11 The mosaic o = mos (limit (7700), limit (6'oo)) is fully decomposed by 
the tactic shuffle {{Pq, ...,Ps), {Xi, ..., Xr)). 

PROOF: Let Ai and Ci be as in the definition of a shuffle. 

We use lemma |[ All the necessary forward and backward K{o) 



properties (S1-S5) follow from claim |T0| above. 

SO holds by virtue of claim |^. S6 holds by choice of the P, and 

Xi. D 

This gives us our result as mos(limit(r7oo), liniit(6'oo)) is fully decomposed by 
a shuffle in which each mosaic in each Aj is a level (c + 1)~ member of S. D 

10 Summary so far 

Let us summarize. 

DEFINITION 25 Suppose ip G L{U, S). Let RMSiijj) be the set of all ^-mosaics which 
appear in any real mosaic system. 

LEMMA 21 Suppose ip G L{U,S). Then RMS{iIj) is a real mosaic system and the 
following are equivalent for any ip-mosaic m and any n > 0: 

1. m is a level n member of RMS{il)). 

2. m is a level n member of some real mosaic system. 

PROOF: To show 2 implies 1 is straightforward and it follows that RMSlip) 
is a real mosaic system. It is then clear that 1 implies 2. D 

THEOREM 2 Suppose (p is a formula of L{U, S) and q is an atom not appearing in 0. 
Suppose ip = *g(0) has length N . 
Then the following are equivalent: 

1. ip is M.- satis fiable; 

2. there is a {cp, q) -relativized ip -mosaic which appears in some real mosaic system; 

3. there is a {(p,q) -relativized ip-mosaic which is a level 2N member of RMS{ip). 
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PROOF: (1 ^ 3) If is satisfiable then lemma |^ implies there exists a 
(0, g)-relativized -^-mosaic m which is fully [0, l]-satisfiable, and so is [0, 1]- 
satisfiable. Lemma ^ implies m appears in a real mosaic system of depth 
2N. 

(3^2) follows from lemma |21|. 

(2^1). If (0, g)-relativized ijj-inosa.ic m appears in a real mosaic system 
then lemma |13| implies that m is fully [0, 1] -satisfiable. Thus lemma ^ tells us 
that (h is M-satisfiable. D 



11 The width of the decompositions 

In this section we place bounds on the number of mosaics needed in various decompositions. 
This is to allow us to determine termination conditions during nondeterministic algorithms. 
Suppose G L{U, S) has length L. There are at most 2L formulas in C1(0) and so 
there are at most 2^-^. 2^^. 2^^ = 2^^ different 0-mosaics. 

LEMMA 22 Suppose G L{U, S) has length L. If the sequence a of (p-mosaics composes 
to m then there is a subsequence a' of a of length at most T^^^^ which also composes to m. 

PROOF: For each P & K = {P E C1(0)| ~ /? ^ cover(m)} choose a mosaic 
from a to witness (5. We can choose either a non-first mosaic which has (3 
in its start, a non-last mosaic which has j3 in its end or any mosaic from a 
which does not have ~ /5 in its cover. Call these < 2L mosaics the important 
ones in a. Construct a' by including the important mosaics and a composing 
subsequence of the mosaics between each consecutive pair of important mosaics 
which contains no repeated mosaics. A simple iterative procedure allows us to 
successively remove one copy of each repeat and the mosaics in between. Thus 
there will be at most 2^^ mosaics in a' in between important mosaics. The 
maximum length of a' will be 2L.2^^ < 2^^"*"^. It is straightforward to check 
that the composition of a' is m: the cover is right because of the inclusion of 
the important mosaics. D 



LEMMA 23 // a (j)-mosaic m is fully decomposed by the tactic lead(cr) (or trail(cr) j then 
there is a subsequence a' of a of length at most 2'^^^^ such that m is fully decomposed by 
the tactic lead(a') (or trail(cr') respectively). 

PROOF: Use the idea of important mosaics as in the proof of the previous 
lemma but include, as important, a witness for the cure of each defect in m. 

U 
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LEMMA 24 If a (f)-mosaic m is fully decomposed by the tactic shuffle {{Pq, ..., Ps), (Ai, ..., Xr)) 
then m is fully decomposed by a tactic shuffle ((Pq, ..., P'^,), {X'l, ..., A^,)) where r' + s' < 2L, 
each Pi is one of the Pj, each A^ is a subsequence of one of the Xj and each A^ has length 
at most 2^^^^. 

PROOF: By lemma ^ we need only enough Pi and Aj such that each element 
oi K = {[3 & Cl(</))| ^ 13 ^ cover(m)} appears in some Pj or in the start or end 
of a mosaic in some Aj. Thus r' and s' can be chosen so that r' + s' <2L. 

As in the proofs of the previous lemmas we can reduce each of the chosen 
Aj to be of length < 2'^^^^ by removing repeats in between important mosaics: 
in this case just the witnesses of elements of K. D 

12 RTL-SAT in PSPACE 

Recall that we have defined RTL-SAT to be the problem of deciding satisfiability of for- 
mulas in the language L{U, S) over real flows of time. So, the idea is that we enter a 
formula as input into a machine and we get a yes or no answer as output corresponding to 
satisfiability or unsatisfiability respectively. Here we show that RTL-SAT is in PSPACE. 
We need to specify how formulas of L{U, S) are fed into a Turing machine. There is 
a particular question about the symbolic representation of atomic propositions since we 
allow them to be chosen from an infinite set of atoms. A careful approach (seen in a similar 
example in [[HU79|| ) is to suppose (by renaming) that the propositions actually used in a 



particular formula are Xi, ...,a;„ and to code Xj as the symbol x followed by i written in 
binary. Of course this means that the input to the machine might be a little longer than 
the length of the formula. In fact a formula of length n may correspond to an input of 
length about nlog2n. However, for a PSPACE algorithm the difference is not enough for 
us to need to carefully distinguish between the length of the formula and the length of the 
input. 

In the proof we shall make use of non-deterministic Turing machines. We use the 
definition of NPSPACE (as in ||vEB90|| ) which requires all possible computations of such a 



machine to terminate on any input after using space polynomial in the size of the input. 

DEFINITION 26 We consider several algorithms, each of which is given a formula (j) of 
L[U, S), a natural number n, and a (p-mosaic m (or more correctly a triple {A, B, C) where 
A, B and C are subsets of C\{(j))). We say that a possibly nondeterministic algorithm is a 
ip-NPSPACE one iff there is some polynomial p{L) such that on any input with of length 
< L and n < 2L the algorithm returns a yes or no answer after using at most p{L) tape 
spaces. 



LEMMA 25 There are (p-NPSPACE algorithms which do the following for each 0, n and 
m: 
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SH{(f),n,m) decides whether or not there exists PiS and XjS such that m can be fully 
decomposed by the tactic shuffle {{Pq, ...,Ps), (Ai, ...., A^)) where each mosaic in each 
Xi is a level n" member of RMS {(p). 

LV{(f),n,m) decides whether or not m is a level n member of RMS {(p); 

LD{(j),n,m) decides whether or not there is some a such that m can be fully decom- 
posed by tactic lead(o") with each mosaic in a being a level n member of RMS {(p); 

TR{(f), n, m) decides whether or not there is some a such that m can be fully decom- 
posed by tactic trail((T) with each mosaic in a being a level n member of RMS {(p); 

CP{(f),n,m) decides whether or not m is a level n+ member of RMS {(p); 

LD'{(p,n,m) decides whether or not there is some a such that m can be fully decom- 
posed by tactic lead(a") with each mosaic in a being a level ri^ member of RMS {(p); 

TR'{(p,n,m) decides whether or not there is some a such that m can be fully decom- 
posed by tactic trail(o") with each mosaic in o being a level n^ member of RMS{(p); 

CM{(p,n,m) decides whether or not m is a level (n + 1)~ member of RMS {(p); 

PROOF: 1. Description of algorithms. The algorithms are defined in 
terms of each other. First consider SH. Given (p of length A^, n and m, first 
check whether m is a mosaic and check that its start satisfies the forward K{m) 
property and its end satisfies the backwards K{m) property. Return the answer 
"no" if any of these checks or subsequent checks fail. Also collect the set DEF 
of type 3 defects in m and guess s < 2N. 

For each i = to s, guess Pi and check that it is an MFC containing 
the cover of m and satisfying the forwards and backwards K{m) property and 
remove any (3 & Pi from the set DEF. 

Guess r G {0, 1, ..., 2N — s}. For each i = 1, ..., r (if any), guess the start of 
the first mosaic in Aj and check that it satisfies the backwards K{m) property 
and guess the end of the last mosaic in Aj and check that it satisfies the forwards 
K{m) property. Also guess and check "on the fiy" a composing sequence Aj of 
up to 2^^"*"^ mosaics (with appropriate start and ends). Check (via CM{(p,n — 
1, m')) that each m' of these is a level n~ member of RMS{(p) and remove from 
DEF any formula which appears in the start or end of m'. Check that the 
start, cover and end of each m' contains the cover of m. 

Return "yes" if DEF ends up empty. Otherwise return "no" . 

Now consider LV. To decide whether or not m is a level n member of 
RMS{(p) we need to guess a sequence of mosaics which compose to m and 
check that each of these, m' say, is either a level n~ member of RMS{(p) (so 
use LV{(p.,n — l,m')) or is fully decomposed by a shuffle with each mosaic 
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in each sequence in the shuffle being a level n~ member of RMS{(f)) (so use 
SH{(f),n,m')). 

LD is as follows. To decide whether or not there is some a such that m 
can be fully decomposed by tactic lead(cr) with each mosaic in a being a level 
n member of RMS{(j)), we need to guess and check a sequence a ^{m) which 
is a full decomposition of m and check that each mosaic in a returns yes from 
LV{(j),n,m). 

TR is similar to LD. 

CP is easy: we already know how to guess and check decompositions. LD' 
and TR' are very similar to LD and TR. CM uses LD' and TR' in the same way 
CP uses LD and TR. We already know how to guess and check decompositions. 

2. The algorithms use polynomial space and are correct. Fix of 
length N. We proceed by induction on the number n used. Assume n > and 
that we have shown that the algorithms work for any n' < n and any m. 



By lemmas 24 and H and the inductive hypothesis, SH gives the correct 



result. By lemmas E2| and 121, the other algorithms are correct. 



The space bounds follow as each algorithm needs only a small constant 
amount of information about each mosaic and the composition so far in a 
possibly long composing sequence of mosaics. They may also need about 7N 
bits to represent, in binary, the value of a counter as we check that the sequence 
is not too long. Each call that they make to another algorithm also requires 
a polynomial amount of space but we know that the depth of nesting of such 
calls is just linear in A^. D 

We conclude 
LEMMA 26 RTL-SAT is m PSPACE. 

PROOF: An NPSPACE algorithm is as follows. Given of length L, choose 
some atom q not appearing in (p. Guess a (0, g)-relativized *^(0)-mosaic m = 
{A,B,C) (checking that it is is straightforward and uses polynomial space). 
Use LV from lemma ^ to check whether there is a real mosaic system of depth 
6L including m. By theorem |^, this approach gives "yes" answers to satisfiable 
input and the approach does not give incorrect "yes" answers. 

By a theorem in | |Sav7CI| ] the problem is also in PSPACE. D 



13 RTL-SAT is PSPACE-hard 

This part of the result is relatively straightforward. 
LEMMA 27 RTL-SAT is PSPACE-hard. 
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PROOF: The proof of lemma 15 in |[Reyed|] (as one possible example amongst 



many in the literature) contains a formula which we can easily modify. The idea 
is to simulate the running of any polynomial space bounded Turing machine in 
a formula. 

Let M = {Q, S, C, Va, Vr, go) be a one-tape deterministic Turing Machine 
where Q is the set of states, S is the alphabet including blank ^, ( : {Q xH) —>■ 
(Q X S X {L,R}), Ki C Q is the set of accepting states, Vr C Q is the set 
of rejecting states and go ^ Q is the initial state. Suppose that M is S{n)- 
space bounded, where S{n) is bounded by a polynomial in n. Without loss of 
generality, we may assume that M is 2-^*^"^ -time bounded where B(n) is also 
bounded by a polynomial in n. We also assume that once M enters a state in 
Va (or Vr) then it stays in states in Va (Vr resp.). Let a = ai...a„ be an input 
to M. 

We can represent runs of M via tape configurations in the usual way. These 
may be supposed to be sequences of S{n) symbols each from S U (Q x S). 

We are going to effectively construct an L{U) formula which is of poly- 
nomial size in n such that the satisfiability of (p is equivalent to the acceptance 
of a by M. 

The atoms we use for are from Q U {Q x "£) U {tick, *} along with B{n) 
new atoms ri, ...,rB{n)- 

The idea of the proof will be that is M-satisfiable iff it is satisfiable in a 
certain structure T in this language. T will represent an accepting run of M 
on a in a straightforward way. T has an initial tick point say. From then on, 
every tick point has a successor tick point so we can name the points 0, 1, 2, ... 
etc but there may be more tick points after those. At every {S{n) + l)th tick 
point, starting at 0, the atom * will hold. The S{n) tick points in between 
* points will represent the contents of M's tape configuration at a particular 
instant. The points l,...,S{n) represent the tape configuration at the initial 
instant of M's run with input a. For 1 < z < S{n), the atom Oj from S will 
be true at the ith point. The atom (go, ai) G Q x S will hold at point 1. The 
S{n) points in between the * at point S{n) + 1 and the * at point 2S{n) + 2 
will similarly contain the tape configuration at the second instant of M's run. 
And so on. 

We will use the TjS to count up to 2^*^"') in binary at * points because we 
are only interested in the first 2'^*^"-' steps in M's computation. 

The formula will be the conjunction of 0i,...,0i5 as defined below. It 
should be clear that is satisfiable iff it is satisfiable in a model like T which 
represents a run of M (on input a) which is accepting, iff M accepts a. That 
will complete our proof. 

We use abbreviations _L = -iT, Xa = f/(tick Aa, -itick). Fa = U{a, T) and 
Ga = ^F{^a). We also write X'^+^a for XX"a and X^a = Xa. Note that 
F and G are thus strict. 

The discreteness of ticks is given by 0i = tickA-iS'(tick, T) AG'(tick — > XT). 
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The distribution of *s is given by 02 = * A X'^("')+^ * AG{* -^ X'^(")+^*). 

03, which we will not write out in detail just prevents any two different 
configuration symbol atoms from Q U {Q x Tj) U {*} from holding at any one 
point and prevents any of these symbols holding at non-tick points. 

The initial configuration is given by 04 = Pq defined as follows. Let Ofc = # 
for each k > n. Now define each (3^. by recursion down from l3s(n) to /Sq. 
Ps{n) = T, each P^-i = X{ak A (3k) {k> 0), and (3o = X((go, Oi) A Pi). This is 
a formula of length < 5S{n). 

The start of the second configuration is determined by 05 = X'^'^"')+^(a' A 
X{(l',ci2)) where q' and a' are such that ClO'cOi) = {q',a',R). (M must move 
right at first). 

The relationship between a consecutive sequence of three symbols in any 
configuration and the corresponding symbols at the next step is given in cases 
by 06, ...,012- 

06 is the conjunction of all 

G{{* A X((g, a) A Xb)) -^ X^(")+i(* A X{a' A X{q', b)))) 
for each g, q' G Q, a, b,a' E T, such that ({q, a) = (g', a', R). 

07 is the conjunction of all 

G{{a A X{{q, b) A Xc)) -^ X^(")+^((g', a) A X{b' A Xc))) 
for each q, q' G Q, a, 6, c, 6' G S such that CI?, &) = (?', &', -^)- 

08 is the conjunction of all 

G((a A X((g, 6) A Xc)) ^ X^(")+i(a A X(6' A X(g', c)))) 
for each g, g' G Q, a, &, c, 6' G S such that C,{q, b) = (g', b', R). 

09 is the conjunction of all 

G{{a A X((g, 6) A X*)) ^ X^W+i((g', a) A X(6' A X*))) 
for each g, g' G Q, a, 6, c,b' E T, such that CI?, &) = (?', &', -Z^)- 

010 is the conjunction of all 
G{{a A X(6 A Xc)) -^ X'5(")+i(X6)) 
for each a,b,c E S. 

011 is the conjunction of all 
G{{* A X(6 A Xc)) ^ X^(")+i(X6)) 
for each b,c E S. 

012 is the conjunction of all 
G{{a A X{b A X*)) ^ X^(")+i(X6)) 
for each a, 6 G S. 

It is straightforward to show that 05,...,0i2 along with 03 ensures the 
progress of configurations represented in any model of matches those of a 
run of M. 

013 says that of the r^s only ri holds at time point S{n) + 1. 

014 forces the r^s to count * points. This large conjunct of is still of size 
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polynomial in n. It is 

Bin) 

G /\ [((* A /\r,) A -r,) ^ (X^(")+i((/\^r,) A r,) A /\(r, ^ X^^+V,))]. 

1=1 j<i j<i j>i 

015 says that when the r^s are next all false at an * point then from then on 
the only (g, a) atoms holding are those with q E Va- This forces the structure 
to be representing an accepting run of M as described above. 

D 



14 Conclusion 

We have shown that the decision problem for the temporal logic with until and since 
connectives over real-numbers time is PSPACE-complete. 

There is a simple corollary using the expressive completeness (| pHR9^ ) of RTL over 
the reals. Consider a usual temporal logic, ie one with connectives defined by first-order 
truth tables as defined in | |GHK94| | . It follows that deciding any usual temporal logic over 
the reals is a PSPACE problem (but not necessarily PSPACE-hard). 

In the introduction I suggested that the mosaic proof here suggests a tableau style 
theorem-proving procedure for the logic. The idea would be to generate all 0-mosaics for 
a given and then systematically remove those which can be decomposed into simpler 
mosaics (in the sense of a real mosaic system). This would give an exponential time 
procedure along the lines of that seen in |Pra79|| . We leave further development of this 
idea as future work. 
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